Re: Missing public keys in aptitude - SOLVED (Sarge debmirror case)

To: debian-user@lists.debian.org
Subject: Re: Missing public keys in aptitude - SOLVED (Sarge debmirror case)
From: Florian Kulzer <florian@molphys.leidenuniv.nl>
Date: Fri, 03 Feb 2006 21:07:37 +0100
Message-id: <[🔎] 43E3B809.1050805@molphys.leidenuniv.nl>
In-reply-to: <[🔎] 43E3A3FE.4040508@fgm.com>
References: <[🔎] drt7ee$g5g$1@sea.gmane.org> <[🔎] 35c231bf0602021023s7636b561rd5d801f2e055ec95@mail.gmail.com> <[🔎] 43E2539B.4050804@molphys.leidenuniv.nl> <[🔎] 43E29502.4000307@fgm.com> <[🔎] drv2sj$fun$1@sea.gmane.org> <[🔎] 43E37AE9.3040102@fgm.com> <[🔎] 20060203162332.GA15276@mano.netyl.org> <[🔎] 43E39579.1090001@molphys.leidenuniv.nl> <[🔎] 43E3A3FE.4040508@fgm.com>

Daniel Barclay wrote:

Florian Kulzer wrote:


[...]

Therefore I think it will be enough to import the signing key with gpg:

gpg --keyserver keyring.debian.org --recv-keys 2D230C5F

(with 2D230C5F being the key ID of the 2006 archive signing key), as

long as you run this command as the same user who will later rundebmirror.


I hope this works.



Yes, that seems to have worked (with the modification that for Sarge
it's the key with ID 4F368D5D ("Debian Archive Automatic Signing Key
(2005) <ftpmaster@debian.org>").


Thanks for pointing that out. I had not even considered that the 2005
key might also be missing. An important thing to keep in mind if
somebody asks that question again - which will probably happen in a few
days ;)

When will I need to get a new key (regarding Sarge)?  For example,
if/when 3.1r2 is created, will its Release.gpg file be signed using
the 2005 key (the key that was current when Sarge was first released
(3.1r0)), or will it be signed using the key that is current when
3.1r2 is released?


As far as I understand it, the signing process is automated, therefore I
would expect that all new security updates to Sarge will be signed with
the 2006 archive key. Furthermore, the 2005 key expired 3 days ago. If
Etch is released as planned then the next key update will be handled
automatically in January 2007 (using the 2006 key to validate the new
2007 key).

Regards,
            Florian

Reply to:

References:
- Re: Missing public keys in aptitude
  - From: Andreas Janssen <andreas.janssen@bigfoot.com>
- Re: Missing public keys in aptitude
  - From: David Kirchner <dpk@dpk.net>
- Re: Missing public keys in aptitude
  - From: Florian Kulzer <florian@molphys.leidenuniv.nl>
- Re: Missing public keys in aptitude
  - From: "Daniel B." <REMOVEdanielTHIS@fgm.com>
- Re: Missing public keys in aptitude
  - From: Andreas Janssen <andreas.janssen@bigfoot.com>
- Re: Missing public keys in aptitude
  - From: "Daniel B." <REMOVEdanielTHIS@fgm.com>
- Re: Missing public keys in aptitude
  - From: Yann Lejeune <yann_lejeune@yahoo.fr>
- Re: Missing public keys in aptitude
  - From: Florian Kulzer <florian@molphys.leidenuniv.nl>
- Re: Missing public keys in aptitude - SOLVED (Sarge debmirror case)
  - From: Daniel Barclay <daniel@fgm.com>

Prev by Date: Re: debian etch & sylpheed-claws-gtk not working [FIXED]
Next by Date: ACPI
Previous by thread: Re: Missing public keys in aptitude - SOLVED (Sarge debmirror case)
Next by thread: Re: mondo 2.06 (was mondo 1.67)
Index(es):
- Date
- Thread